A system design for the measurement and evaluation of the communications security domain in ISO 27001:2013 using an ontology

Abstract

This paper presents a system design using the design and linking semantic technology of ontologies by mapping the structure base and finding identical meanings of each text. The Wu and Palmer method and WordNet database were used for this purpose. The accuracy of the results of the concept are measured by using Recall, Precision, and F-Measure. Then, the proposed designed can be used to developed tools to qualify the security system for communications security domain under the standards of information security management for ISO 27001:2013. However, the cost of certification to organisations to meet international standards is considerable. Our intention was to demonstrate the ontology-based concept for organisations to be able to reduce their certification costs by waiving the requirement for an external consultant to evaluate their standards and policies.